Answered by:

Network DTC Access on a Cluster

Question

Is there any reason why we shouldn't enable Network DTC Access on our SQL 2008 cluster? One of our vendors, has a web app that requires it. It's been running from a separate DB server up to now, but we're trying to consolidate
all DBs to the cluster and came across this issue. I just want to be sure we're not opening up a security can of worms here.

Answers

Regarding to your description, you can enable network DTC Access for SQL Server Cluster. The clustering SQL Server is that you enable & configure the MSDTC (Microsoft Distributed Transaction Coordinator) service in "network" mode. What is your
OS?

If we talk about the option of cluster configuration with needed resources of DTC and ho to be configured, please refer to below:
• You have to add a DTC resource within cluster configurations
• Then you have to right click SQL Service >>Server Properties>> connection >>then mark require distributed transactions for server to server communications >.
• Then you have to go to DTC configurations of cluster in Win 2008 , 2008 R2 or DTC configurations of local nodes with win 2003 , 2003 R2.
• Then apply the same setting you have carried out above
• Then go to APP server and apply the same setting
• Then assure the following 24 K ports are open bidirectional between DB+ APP server (1024 -65535) TCP +TCP 135 also (From DB to APP and from APP to DB)
• Then download DTC ping from Microsoft and run it on both DB + APP server to validate everything is going properly before going live.
• If fine , restart SQL Service to activate using DTC .